Description
Authentication modules in Netatalk 1.5.0 through 4.4.2 fail to check the return value of seteuid(), which may allow a remote authenticated attacker to retain elevated privileges under error conditions.
Published: 2026-05-21
Score: 4 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Netatalk 1.5.0 through 4.4.2 contains a flaw in which the return value of seteuid() is ignored inside the authentication modules. Because the failure is not handled, the process can keep running with the daemon's elevated effective uid after authentication, at the point where it should have switched to the authenticated user's lower privilege level. The weakness is classified as CWE-273 (Improper Check for Dropped Privileges). A remote authenticated attacker who can provoke the error condition may therefore have requests served with higher privileges than intended. The published CVSS vector rates the confidentiality, integrity and availability impact as low (C:L/I:L/A:L); the CVE record does not describe code execution, and the exact consequences depend on what the affected code path does while it is still privileged.
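The pattern behind CWE-273, shown as an added example that is not Netatalk's own code: a constructed credential model in which the privilege switch can fail, with the unchecked form beside a checked form that fails closed. The struct creds type, sim_seteuid() and the fail_next_switch knob are assumptions standing in for the real seteuid()/geteuid() calls so that the example runs unprivileged and offline.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>

/*
 * Simulated process credentials. Constructed for this example: it stands in
 * for the kernel's effective uid so the code runs unprivileged and offline.
 * A real daemon would call seteuid()/geteuid() directly.
 */
struct creds {
    uid_t euid;            /* current effective uid; 0 means root */
    int fail_next_switch;  /* test knob: make the next switch fail with EPERM */
};

/* Stand-in for seteuid(): same contract as the libc call, 0 on success,
 * -1 with errno set on failure. The real seteuid() fails with EPERM when the
 * caller lacks the privilege to assume the requested uid. */
static int sim_seteuid(struct creds *c, uid_t uid)
{
    if (c->fail_next_switch) {
        c->fail_next_switch = 0;
        errno = EPERM;
        return -1;
    }
    c->euid = uid;
    return 0;
}

/* Vulnerable pattern (CWE-273): the result of the privilege switch is
 * discarded. When the switch fails the session goes on running with the
 * daemon's privileged euid. Returns the euid the request would be served as. */
static uid_t serve_user_unchecked(struct creds *c, uid_t user)
{
    sim_seteuid(c, user);        /* return value ignored */
    return c->euid;
}

/* Hardened pattern: check the return value, then confirm the effective uid
 * really changed before doing anything on the user's behalf. Returns 0 when
 * the session may proceed as `user`, -1 when it must be refused. */
static int serve_user_checked(struct creds *c, uid_t user)
{
    if (sim_seteuid(c, user) != 0) {
        /* Fail closed: report and drop the session instead of continuing privileged. */
        perror("seteuid");
        return -1;
    }
    if (c->euid != user) {
        /* Defence in depth: the call reported success but the uid is wrong. */
        return -1;
    }
    return 0;
}

int main(void)
{
    struct creds unchecked = { 0, 1 };   /* root daemon, next switch will fail */
    struct creds checked   = { 0, 1 };

    uid_t served_as = serve_user_unchecked(&unchecked, 1000);
    printf("unchecked: request for uid 1000 served as euid %u\n",
           (unsigned)served_as);                 /* 0: still root */

    int rc = serve_user_checked(&checked, 1000);
    printf("checked:   rc %d, euid %u\n", rc, (unsigned)checked.euid);
    return 0;
}
```

The point a reviewer looks for is the second branch: a switch that fails must end the session, never fall through. In a real daemon the confirmation step would call geteuid() after seteuid(); the simulated credentials here only make the failure reproducible without root.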

Affected Systems

Systems running Netatalk 1.5.0 through 4.4.2 (the 1.5.x, 2.x, 3.x and 4.0 to 4.4.2 release lines) on Unix-like platforms are affected. The flaw resides in the authentication modules shipped with these releases. The CVE record states that the issue is fixed in Netatalk 4.5.0 and lists no affected version earlier than 1.5.0.

Risk and Exploitability

The CVSS 3.1 base score of 4.0 indicates medium severity; the vector (AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L) describes a network-reachable flaw with high attack complexity that requires low privileges, i.e. a valid account, and no user interaction. EPSS data is not available and the vulnerability is not listed in the CISA KEV catalog, which suggests a relatively low probability of widespread exploitation at the time of writing. Netatalk is an AFP (Apple Filing Protocol) file server, so the likely attack vector is an authenticated AFP client session in which the attacker provokes the error condition that makes seteuid() fail. The need for valid credentials and the high attack complexity limit the overall likelihood compared with higher-impact vulnerabilities.

Generated by OpenCVE AI on May 21, 2026 at 11:35 UTC.

Remediation

The CVE record states that the issue is fixed in Netatalk 4.5.0. No separate vendor advisory or workaround is linked on this page.

OpenCVE Recommended Actions

  • Upgrade to Netatalk 4.5.0 or later, the release the CVE record names as containing the fix for the unchecked seteuid() call.
  • Do not expect to mitigate this by running afpd as a dedicated unprivileged account: the daemon needs root in order to switch its effective uid to that of each authenticated user, which is exactly the switch whose failure is ignored here. Reduce exposure instead by restricting which hosts can reach the AFP service and which accounts may authenticate to it.
  • Confine the daemon with mandatory access control (SELinux, AppArmor) to limit what it can do while still privileged, and monitor its logs for failed privilege switches and other anomalies around authentication.

Advisories

No advisories yet.

History

Thu, 21 May 2026 09:00:00 +0000

Type: Description
  Values removed: In Netatalk 1.5.0 through 4.4.2, seteuid failure ignored in auth modules. Fixed in 4.5.0.
  Values added: Authentication modules in Netatalk 1.5.0 through 4.4.2 fail to check the return value of seteuid(), which may allow a remote authenticated attacker to retain elevated privileges under error conditions.

Thu, 21 May 2026 08:45:00 +0000

Type: First Time appeared
  Values added: Netatalk; Netatalk netatalk
Type: Vendors & Products
  Values added: Netatalk; Netatalk netatalk

Thu, 21 May 2026 07:45:00 +0000

Type: Description
  Values added: In Netatalk 1.5.0 through 4.4.2, seteuid failure ignored in auth modules. Fixed in 4.5.0.
Type: Title
  Values added: seteuid failure ignored in auth modules
Type: Weaknesses
  Values added: CWE-273
Type: References
  Values added: (none listed)
Type: Metrics
  Values added: cvssV3_1 {'score': 4, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L'}


MITRE

Status: PUBLISHED

Assigner: securin

Published:

Updated: 2026-05-21T07:52:54.774Z

Reserved: 2026-05-05T07:25:20.196Z

Link: CVE-2026-44073

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-21T08:16:22.913

Modified: 2026-05-21T09:16:29.553

Link: CVE-2026-44073

Red Hat

No data.

OpenCVE Enrichment

Updated: 2026-05-21T11:45:09Z

Weaknesses